Today I was having a discussion regarding wordlist size, the calculation to come up with the specific size the wordlist would be once generated, and various other items revolving around password cracking. Somehow the application crunch came up which in the past has been used to generate wordlists however its fairly slow compared to other technologies out there specifically Hashcat/oclHashcat’s Anyhow during the discussion I was doing some searching and had not used crunch in quite a long time but was pleasantly surprised by one of the features which generates a quick, accurate, and useful output of information regarding number of combinations that will be generated from the combinations length plus the character set/wordlists input and how much disk space those the list will take up on the hard drive. Anyhow a couple interesting things I realized tonight using crunch that I wanted to share.

Crunch ! What is Crunch? Why Would I Care About Crunch?

“Crunch can create a wordlist based on criteria you specify. The output from crunch can be sent to the screen, file, or to another program”

Above is a sentence from the crunch man page to give you a quick idea of what crunch is used for. So as you can see the primary use of crunch is to generate wordlists or dictionaries which people primarily use for password cracking or brute forcing of some type however that is not what I will be using it for or actually anyone I know since again there are applications that do a much better job generating wordlists and the need for a standalone is not as valid because most of the password cracking have built in wordlist generation. The slick part about crunch is that it provides you a snapshot of what you are going to do before you actually do it. Not only do most people not realize how much space wordlists with any sort of beef take up but they could also cause themselves issues by letting something like crunch run while they go eat dinner only to come back and find there disk space has stopped working because it ran out of space.

So it may seem silly that calculations for wordlists is that important to me but it comes in handy more than a little bit. Not only does the discussion about wordlist size including wild ideas about petabyte wordlists that will save the world come up often but its nice to quote clients almost in realtime what they are looking at to accomplish their goal. Many clients seem to think that wordlists are small in size, quick to process, and will guarantee their safety but the reality is none of that is true in my opinion. There are only a couple people on the Internet that I know of that regularly use wordlists the size we do at tools.question-defense.com which include around 2 billion combinations. In the grand scheme of things that is not a lot considering we can process billions of hashes per second for all sorts of hashes at this point. So needless to say the fact is the calculation idea was brilliant and it really comes in handy.

Crunch will now generate the following amount of data: 2271215616 bytes

2166 MB

2 GB

0 TB

0 PB

Crunch will now generate the following number of lines: 286261248

acomputerhere:crunch3.2 alex$

In the above example I wanted to figure out how many MB/GB would be used on my hard drive if I were to generate a wordlist or dictionary that had a minimum length of five characters, a maximum length of 7 characters, and included only hexadecimal characters. Crunch spit out the above results in seconds and then it gives you 3 to 5 seconds to hit control-C to not generate the wordlist. As you can see from the results above this wordlist would have been 2,166 Megabytes or roughly 2 Gigabytes and would have included 286,261,248 combinations. If you are into wordlists, dictionaries, password cracking, and/or InfoSec then you can now see why this is so useful.

Crunch Wordlist Generator On Mac OSX Lion:

So now even slicker than the calculations above is the fact that crunch will install and run without issue on your Macbook running OSX. Below are a couple quick steps to get crunch running on your computer which I have actually only tested on OSX Lion 10.7.3. If you don’t have any of the commands below installed on your Mac then a quick Google search should remedy your problem.

Download & Unpack Crunch: First click here to download crunch. Once downloaded unpack crunch using tar from your OSX terminal as shown in the below example.

bash

acomputerhere:Desktop alex$ tar-zxvf crunch-3.2.tgz

x crunch3.2/

x crunch3.2/crunch.c

x crunch3.2/crunch.1

x crunch3.2/Makefile

x crunch3.2/charset.lst

x crunch3.2/GPL.TXT

acomputerhere:Desktop alex$

Compile Crunch On OSX: Now enter the directory you just generated by unpacking crunch which at the time of this writing is crunch3.2. Issue the below command which will first compile crunch and next generate the application. Make sure you run the make install command using sudo or as the root user.

bash

acomputerhere:crunch3.2 alex$ sudomake&amp;&amp; makeinstall

Password:

Building binary...

/usr/bin/gcc-Wall-lm-pthread-std=c99 crunch.c -o crunch

Creating directories...

/usr/bin/install-d-m755-o root -g root /pentest/passwords//crunch

install: root: Invalid argument

make: ***[install] Error 67

acomputerhere:crunch3.2 alex$

As seen above you will actually receive an error but not to worry as that was just trying to move crunch into a directory that doesn’t exist on OSX.If you want list the files and you will see a new file named crunch has been generated.

Echo OSX Path & Move Crunch: Now lets install crunch in your path on OSX so when you launch a Terminal window you can run it without having to track it down every time. Use the below set of commands to copy crunch to your $PATH environment variable. If the folder I copy crunch wordlist generator to below does not exist then add it to one of the other folders output by the echo command below.

bash

acomputerhere:crunch3.2 alex$ echo$PATH

/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

acomputerhere:crunch3.2 alex$ cp-p crunch /usr/local/bin/

acomputerhere:~ alex$ ls-alh|grep crunch

acomputerhere:~ alex$ crunch -v

crunch version 3.2

A quick run down of the commands we issued above follows. First we echo’d the current users $PATH which tells us what folders are included in our PATH, copied crunch to one of those folders, verified crunch was not already in the current directory (you should open a new terminal if you want to make sure you are not running crunch from a local directory), and then issued the crunch command with the -v switch to output the version number.

So there you have it.. Wordlist disk size calculations with minimal effort which adds another useful tool to your arsenal.